Skip to content

Commit 0695abe

Browse files
authored
Merge pull request #20 from DataDog/emilehugo.spir/update-attacks
Update attacks to work around changes to the detection rule
2 parents 8a864fe + d6c0c7f commit 0695abe

2 files changed

Lines changed: 5 additions & 1 deletion

File tree

cli/attacks/auth.js

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -89,6 +89,9 @@ async function bruteforce(targetURL){
8989
data : {
9090
"email": "bla@bla.com" ,
9191
"password": "notblabla"
92+
},
93+
headers: {
94+
'X-Forwarded-For': '1.2.3.4'
9295
}
9396
};
9497
spinner.text = 'Attempting login with incorrect password';

cli/attacks/ssrf.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -82,7 +82,8 @@ async function exploit(targetURL){
8282
headers: {
8383
'Cookie': "token=" + info.token,
8484
'Authorization': 'Bearer '+info.token,
85-
'Content-Type': 'application/x-www-form-urlencoded'
85+
'Content-Type': 'application/x-www-form-urlencoded',
86+
'X-Forwarded-For': '1.2.3.4'
8687
},
8788
// data : {
8889
// imageUrl: payload

0 commit comments

Comments
 (0)